00063 #include <fstream>
00064 #include <sstream>
00065 #include <openssl/ssl.h>
00066 #include <openssl/conf.h>
00067 #include <unistd.h>
00068
00069 #include "CODEX_Ciphers/RSA.h"
00070 #include "CODEX_Ciphers/ElGamal.h"
00071 #include "CODEX_Ciphers/SHA1HashFunction.h"
00072 #include "CODEX_VSS/Combinatoric.h"
00073 #include "CODEX_VSS/CombinatoricFeldman.h"
00074 #include "CODEX_Server/ConfigurationExceptions.h"
00075 #include "CODEX_Server/ServerState.h"
00076 #include "CODEX_ThresholdCrypto/ThresholdRSA.h"
00077 #include "CODEX_VSS/ModIntRange.h"
00078
00079 using namespace CODEX_Server;
00080
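// split_private_keys: reads the configuration file given with -c (optionally
// a section given with -s), loads the service RSA private key and the ElGamal
// key pair it names, splits the RSA private exponent d and the ElGamal private
// value x into share sets, and writes one witness file per key plus one share
// file per server and key into "output_directory".
//
// Returns 0 on success and 1 when a CODEX exception is reported; exits with
// status 1 on a usage error.
//
// Security-relevant behaviour visible in this function:
//  * "private_key_passwd" is read from the configuration file in cleartext,
//    so that file needs the same protection as the private key itself.
//  * The shares for all N servers are written into one directory on this
//    host; whoever can read that directory can read every share.
int main( int argc, char** argv )
{
    // Releases the OpenSSL configuration on every exit path from the try
    // block. The strings returned by NCONF_get_string are used throughout
    // the block, so the handle has to outlive all of them; declaring the
    // guard first makes it the last local to be destroyed.
    struct ConfHandle
    {
        CONF* conf;
        explicit ConfHandle( CONF* c ) : conf( c ) {}
        ~ConfHandle() { if ( 0 != conf ) NCONF_free( conf ); }
    private:
        ConfHandle( const ConfHandle& );
        ConfHandle& operator=( const ConfHandle& );
    };

    // Owns the scratch copy of the marshalled public key so that it is
    // released even when unmarshal() leaves by exception.
    struct ByteBuffer
    {
        unsigned char* data;
        explicit ByteBuffer( unsigned int n ) : data( new unsigned char[n] ) {}
        ~ByteBuffer() { delete [] data; }
    private:
        ByteBuffer( const ByteBuffer& );
        ByteBuffer& operator=( const ByteBuffer& );
    };

    SSLeay_add_ssl_algorithms();

    const std::string usage_string(
        "Usage: split_private_keys -c <config_file> [-s <section>]");
    std::string fname;
    std::string config_section;

    int arg;
    while ( -1 != ( arg = getopt(argc,argv,"c:s:") ) )
    {
        switch(arg)
        {
        case 'c' :
            fname = optarg;
            break;
        case 's' :
            config_section = optarg;
            break;
        case ':' :
        case '?' :
            std::cerr << usage_string << std::endl;
            ::exit(1);
        }
    }
    // -c is mandatory.
    if ( fname.empty() )
    {
        std::cerr << usage_string << std::endl;
        ::exit(1);
    }

    try
    {
        ConfHandle confHandle( NCONF_new(NCONF_default()) );
        CONF* conf = confHandle.conf;
        if ( 0 == NCONF_load(conf,fname.c_str(),0) )
        {
            throw CODEX_Exceptions::FileCannotOpenException( __FILE__ ,
                                                             __LINE__ ,
                                                             fname );
        }
        char* section = const_cast<char*>( config_section.c_str() );

        // N and T are compile-time constants (they are template arguments
        // below); the configuration must agree with the values built in.
        const unsigned int N = ServerState::nServers;
        const unsigned int T = 1 + ServerState::nFaults;

        long dummy;
        if ( ! NCONF_get_number_e(conf,section,"nhosts",&dummy) )
        {
            throw BCParameterNotDefinedException( __FILE__ , __LINE__ ,
                                                  fname, "nhosts" );
        }
        // Reject negative values explicitly instead of relying on the
        // signed-to-unsigned conversion to make the comparison fail.
        if ( dummy < 0 || N != static_cast<unsigned long>(dummy) )
        {
            throw BCBadValueException( __FILE__ , __LINE__ , fname , "nhosts" );
        }
        if ( ! NCONF_get_number_e(conf,section,"nfaults",&dummy) )
        {
            throw BCParameterNotDefinedException( __FILE__ , __LINE__ ,
                                                  fname, "nfaults" );
        }
        if ( dummy < 0 || (T-1) != static_cast<unsigned long>(dummy) )
        {
            throw BCBadValueException( __FILE__ , __LINE__ , fname, "nfaults" );
        }

        const char* privKeyFile =
            NCONF_get_string(conf,section,"private_key_file");
        if ( 0 == privKeyFile )
        {
            // NOTE(review): every other missing parameter raises
            // BCParameterNotDefinedException; kept as in the original.
            throw BCBadValueException( __FILE__ , __LINE__ ,
                                       fname, "private_key_file" );
        }
        // The passphrase comes straight from the configuration file and may
        // be a null pointer when the entry is absent; it is passed through
        // unchecked.
        // NOTE(review): how fromPEMFile treats a null passphrase is not
        // visible here - confirm.
        const char* privKeyPasswd =
            NCONF_get_string(conf,section,"private_key_passwd");
        CODEX_Ciphers::RSAPrivateKey privKey;
        privKey.fromPEMFile( privKeyFile, privKeyPasswd );

        const char* pubEGKeyFile =
            NCONF_get_string(conf,section,"public_eg_key_file");
        if ( 0 == pubEGKeyFile )
        {
            throw BCParameterNotDefinedException( __FILE__ , __LINE__ ,
                                                  fname, "public_eg_key_file" );
        }
        const char* privEGKeyFile =
            NCONF_get_string(conf,section,"private_eg_key_file");
        if ( 0 == privEGKeyFile )
        {
            throw BCParameterNotDefinedException( __FILE__ , __LINE__ ,
                                                  fname, "private_eg_key_file" );
        }

        // Read the whole marshalled ElGamal public key into memory.
        CODEX_Server::SignedAugmentedEGPublicKey pubEGKey;
        std::ifstream is(pubEGKeyFile);
        if ( ! is.is_open() )
        {
            throw CODEX_Exceptions::FileCannotOpenException( __FILE__ ,
                                                             __LINE__ ,
                                                             pubEGKeyFile );
        }
        std::string s;
        char ch;
        while ( is.get(ch) )
        {
            s.push_back(ch);
        }

        unsigned int length = s.length();
        {
            ByteBuffer encoded( length );
            for ( unsigned int i = 0 ; i < length ; ++i )
            {
                encoded.data[i] = s.data()[i];
            }
            // unmarshal receives the address of a cursor, so it is handed a
            // separate pointer and the buffer keeps its original address.
            unsigned char* p = encoded.data;
            if ( 0 == pubEGKey.unmarshal(0,&p,length) )
            {
                throw PublicKeyNotFoundException( __FILE__ , __LINE__ );
            }
        }
        CODEX_Ciphers::ElGamalPrivateKey privEGKey;
        privEGKey.fromFile( privEGKeyFile );

        typedef CODEX_VSS::Combinatoric< N , T >                ShareType;
        typedef CODEX_VSS::ShareSet< ShareType >                SetType;
        typedef CODEX_ThresholdCrypto::ThresholdRSARange        RSARangeType;
        typedef CODEX_VSS::ModIntRange                          EGRangeType;
        typedef CODEX_VSS::ShareSplitting< ShareType >          SplitType;
        typedef CODEX_VSS::ModExpFunctional                     OneWay;
        typedef CODEX_VSS::ShareLabel< ShareType , OneWay >     LabelType;
        typedef CODEX_VSS::LabeledShare< ShareType , OneWay >   LSType;
        typedef CODEX_VSS::SecretWitness< ShareType , OneWay >  WitnessType;
        typedef LabelType::VType::ValueType                     ValueType;

        long gen;
        if ( ! NCONF_get_number_e(conf,section,"rsa_generator",&gen ) )
        {
            throw BCParameterNotDefinedException( __FILE__ , __LINE__ ,
                                                  fname, "rsa_generator" );
        }
        // Values below 3 are rejected as generators.
        if ( gen < 3 )
        {
            throw BCBadValueException( __FILE__ , __LINE__ ,
                                       fname , "rsa_generator" );
        }
        CODEX_ASN1::Integer generator(gen);
        CODEX_ASN1::BigNumber bigGenerator( generator.asn1() );

        const char* output_dir =
            NCONF_get_string(conf,section,"output_directory");
        if ( 0 == output_dir )
        {
            throw BCParameterNotDefinedException( __FILE__ , __LINE__ ,
                                                  fname, "output_directory" );
        }
        // NOTE(review): everything written below is key material or derived
        // from it. The mode used by toFile() is not visible here - confirm
        // that the files are created owner-only and that output_directory is
        // not readable by other users.

        // RSA: split the private exponent d and write the witness obtained
        // by applying the one-way functional (built from the generator and
        // the modulus n) to d.
        SetType rsaShareSet;
        RSARangeType rsaRange( privKey.n().value(), ShareType::NumShares );
        SplitType::split( privKey.d().value(), rsaShareSet, rsaRange );
        OneWay::CtorArgs rsaArgs( bigGenerator, privKey.n() );
        OneWay rsaOneWay( rsaArgs );
        LabelType rsaLabel(ServerState::RSAKeyNum,0,0,rsaShareSet,rsaOneWay);
        ValueType vcrsa;
        rsaOneWay( privKey.d(), vcrsa );
        WitnessType rsaWitness( vcrsa, rsaArgs );
        // The path streams no longer get a trailing NUL appended: c_str()
        // already yields a terminated string.
        std::ostringstream rwstr;
        rwstr << output_dir << "/rsa.witness";
        rsaWitness.toFile( rwstr.str().c_str() );

        // ElGamal: same procedure for the private value x, with the
        // functional built from the public parameters g and p.
        SetType egShareSet;
        EGRangeType egRange( pubEGKey.key().key().q() );
        SplitType::split( privEGKey.x().value(), egShareSet, egRange );
        OneWay::CtorArgs egArgs( pubEGKey.key().key().g(),
                                 pubEGKey.key().key().p() );
        OneWay egOneWay( egArgs );
        LabelType egLabel(ServerState::EGKeyNum,0,0,egShareSet,egOneWay);
        ValueType vceg;
        egOneWay( privEGKey.x(), vceg );
        WitnessType egWitness( vceg, egArgs );
        std::ostringstream ewstr;
        ewstr << output_dir << "/elgamal.witness";
        egWitness.toFile( ewstr.str().c_str() );

        // One labeled share file per server index and key:
        // rsa.<i>.shares and elgamal.<i>.shares.
        for ( unsigned int i = 0 ; i < N ; ++i )
        {
            ShareType rsaShare( rsaShareSet, i );
            LSType labeledRSA( rsaShare, rsaLabel );
            std::ostringstream rstr;
            rstr << output_dir << "/rsa." << i << ".shares";
            labeledRSA.toFile( rstr.str().c_str() );

            ShareType egShare( egShareSet, i );
            LSType labeledEG( egShare, egLabel );
            std::ostringstream estr;
            estr << output_dir << "/elgamal." << i << ".shares";
            labeledEG.toFile( estr.str().c_str() );
        }
    }
    catch ( CODEX_Exceptions::ExceptionBase& e )
    {
        e.report();
        return 1;
    }

    return 0;
}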